US20080251905A1 - Package-on-package secure module having anti-tamper mesh in the substrate of the upper package - Google Patents
Package-on-package secure module having anti-tamper mesh in the substrate of the upper package Download PDFInfo
- Publication number
- US20080251905A1 US20080251905A1 US11/786,871 US78687107A US2008251905A1 US 20080251905 A1 US20080251905 A1 US 20080251905A1 US 78687107 A US78687107 A US 78687107A US 2008251905 A1 US2008251905 A1 US 2008251905A1
- Authority
- US
- United States
- Prior art keywords
- bga package
- package
- substrate member
- bga
- integrated circuit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L23/00—Details of semiconductor or other solid state devices
- H01L23/48—Arrangements for conducting electric current to or from the solid state body in operation, e.g. leads, terminal arrangements ; Selection of materials therefor
- H01L23/488—Arrangements for conducting electric current to or from the solid state body in operation, e.g. leads, terminal arrangements ; Selection of materials therefor consisting of soldered or bonded constructions
- H01L23/498—Leads, i.e. metallisations or lead-frames on insulating substrates, e.g. chip carriers
- H01L23/49811—Additional leads joined to the metallisation on the insulating substrate, e.g. pins, bumps, wires, flat leads
- H01L23/49816—Spherical bumps on the substrate for external connection, e.g. ball grid arrays [BGA]
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L23/00—Details of semiconductor or other solid state devices
- H01L23/57—Protection from inspection, reverse engineering or tampering
- H01L23/576—Protection from inspection, reverse engineering or tampering using active circuits
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L25/00—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof
- H01L25/03—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes
- H01L25/04—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes the devices not having separate containers
- H01L25/065—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes the devices not having separate containers the devices being of a type provided for in group H01L27/00
- H01L25/0655—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes the devices not having separate containers the devices being of a type provided for in group H01L27/00 the devices being arranged next to each other
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L25/00—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof
- H01L25/03—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes
- H01L25/10—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes the devices having separate containers
- H01L25/105—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes the devices having separate containers the devices being of a type provided for in group H01L27/00
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L25/00—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof
- H01L25/16—Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof the devices being of types provided for in two or more different main groups of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. forming hybrid circuits
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2224/00—Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
- H01L2224/01—Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
- H01L2224/42—Wire connectors; Manufacturing methods related thereto
- H01L2224/47—Structure, shape, material or disposition of the wire connectors after the connecting process
- H01L2224/48—Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
- H01L2224/4805—Shape
- H01L2224/4809—Loop shape
- H01L2224/48091—Arched
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2224/00—Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
- H01L2224/01—Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
- H01L2224/42—Wire connectors; Manufacturing methods related thereto
- H01L2224/47—Structure, shape, material or disposition of the wire connectors after the connecting process
- H01L2224/48—Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
- H01L2224/481—Disposition
- H01L2224/48151—Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive
- H01L2224/48221—Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked
- H01L2224/48225—Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked the item being non-metallic, e.g. insulating substrate with or without metallisation
- H01L2224/48227—Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked the item being non-metallic, e.g. insulating substrate with or without metallisation connecting the wire to a bond pad of the item
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2225/00—Details relating to assemblies covered by the group H01L25/00 but not provided for in its subgroups
- H01L2225/03—All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00
- H01L2225/10—All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices having separate containers
- H01L2225/1005—All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices having separate containers the devices being of a type provided for in group H01L27/00
- H01L2225/1011—All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices having separate containers the devices being of a type provided for in group H01L27/00 the containers being in a stacked arrangement
- H01L2225/1047—Details of electrical connections between containers
- H01L2225/1058—Bump or bump-like electrical connections, e.g. balls, pillars, posts
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L24/00—Arrangements for connecting or disconnecting semiconductor or solid-state bodies; Methods or apparatus related thereto
- H01L24/01—Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
- H01L24/42—Wire connectors; Manufacturing methods related thereto
- H01L24/47—Structure, shape, material or disposition of the wire connectors after the connecting process
- H01L24/48—Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/0001—Technical content checked by a classifier
- H01L2924/00014—Technical content checked by a classifier the subject-matter covered by the group, the symbol of which is combined with the symbol of this group, being disclosed without further technical details
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/01—Chemical elements
- H01L2924/01019—Potassium [K]
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/10—Details of semiconductor or other solid state devices to be connected
- H01L2924/11—Device type
- H01L2924/14—Integrated circuits
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/15—Details of package parts other than the semiconductor or other solid state devices to be connected
- H01L2924/151—Die mounting substrate
- H01L2924/1515—Shape
- H01L2924/15153—Shape the die mounting substrate comprising a recess for hosting the device
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/15—Details of package parts other than the semiconductor or other solid state devices to be connected
- H01L2924/151—Die mounting substrate
- H01L2924/1517—Multilayer substrate
- H01L2924/15192—Resurf arrangement of the internal vias
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/15—Details of package parts other than the semiconductor or other solid state devices to be connected
- H01L2924/151—Die mounting substrate
- H01L2924/153—Connection portion
- H01L2924/1532—Connection portion the connection portion being formed on the die mounting surface of the substrate
- H01L2924/15321—Connection portion the connection portion being formed on the die mounting surface of the substrate being a ball array, e.g. BGA
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/15—Details of package parts other than the semiconductor or other solid state devices to be connected
- H01L2924/151—Die mounting substrate
- H01L2924/153—Connection portion
- H01L2924/1532—Connection portion the connection portion being formed on the die mounting surface of the substrate
- H01L2924/1533—Connection portion the connection portion being formed on the die mounting surface of the substrate the connection portion being formed both on the die mounting surface of the substrate and outside the die mounting surface of the substrate
- H01L2924/15331—Connection portion the connection portion being formed on the die mounting surface of the substrate the connection portion being formed both on the die mounting surface of the substrate and outside the die mounting surface of the substrate being a ball array, e.g. BGA
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/15—Details of package parts other than the semiconductor or other solid state devices to be connected
- H01L2924/181—Encapsulation
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/19—Details of hybrid assemblies other than the semiconductor or other solid state devices to be connected
- H01L2924/1901—Structure
- H01L2924/1904—Component type
- H01L2924/19041—Component type being a capacitor
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/19—Details of hybrid assemblies other than the semiconductor or other solid state devices to be connected
- H01L2924/1901—Structure
- H01L2924/1904—Component type
- H01L2924/19043—Component type being a resistor
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/19—Details of hybrid assemblies other than the semiconductor or other solid state devices to be connected
- H01L2924/191—Disposition
- H01L2924/19101—Disposition of discrete passive components
- H01L2924/19105—Disposition of discrete passive components in a side-by-side arrangement on a common die mounting substrate
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/19—Details of hybrid assemblies other than the semiconductor or other solid state devices to be connected
- H01L2924/191—Disposition
- H01L2924/19101—Disposition of discrete passive components
- H01L2924/19106—Disposition of discrete passive components in a mirrored arrangement on two different side of a common die mounting substrate
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/30—Technical effects
- H01L2924/301—Electrical effects
- H01L2924/3025—Electromagnetic shielding
Definitions
- the described embodiments relate to securing electronic components and data from unauthorized access, and more particularly to securing electronic components in Point Of Sale (POS) terminals.
- POS Point Of Sale
- POS terminal Purchases are often made using an electronic device called a Point Of Sale (POS) terminal.
- the POS terminal is typically coupled to a financial institution via an electronic communication link.
- a customer in a store may, for example, present a debit card, credit card, cash card or smart card to the store's cashier for payment.
- a customer in a store may, for example, present a debit card, credit card, cash card or smart card to the store's cashier for payment.
- the customer presents the smart card to the cashier of the store.
- the cashier pushes the smart card into a smart card reader port on the POS terminal and the POS terminal reads an account number stored in the smart card.
- the customer then, for identification purposes, typically enters a Personal Identification Number (PIN) into a keypad device coupled to the POS terminal.
- PIN Personal Identification Number
- the customer may also enter other identification information.
- the customer may, for example, provide a signature on a signature capture device coupled to the POS terminal.
- the POS terminal uses an encryption key stored in the POS terminal to encrypt the account number (from the smart card), the identification number (for example, the PIN number), and other information about the transaction such as the amount of the transaction and the date of the transaction.
- the encrypted information is sent from the POS terminal to the financial institution via a modem or other electronic communication link.
- the financial institution receives the encrypted information and uses an encryption key to decrypt the information and recover the account number, identification information, and information about the transaction.
- the transaction is a debit transaction
- the bank account of the customer is debited.
- a confirmation of the transaction is then encrypted using the encryption key and the encrypted confirmation is communicated from the financial institution back to the POS terminal.
- the POS terminal uses the encryption key stored in the point of sale terminal to decrypt the confirmation.
- the confirmation is printed out as part of a transaction receipt and a copy of the receipt is provided to the customer.
- Encryption keys are typically stored in the POS terminal so that the POS terminal can communicate with the financial institution in a secure manner.
- information about customers is stored in and/or passes through the POS terminal. Such information may include account numbers and their associated PIN numbers.
- the integrated circuits within the POS terminal that contain the sensitive information are surrounded, encased or covered with a fine wire mesh. Certain of the conductors of the mesh are coupled to a first terminal of the integrated circuit, whereas others of the conductors of the mesh are coupled to a second terminal of the integrated.
- the integrated circuit monitors the first and second terminals. If a thief were to attempt to probe through the mesh to get access to the integrated circuit, then certain of the conductors would likely be cut or pushed together. This condition would be detected by the integrated circuit as a tamper condition. If the integrated circuit were to detect such a tamper condition, then the integrated circuit would quickly erase the sensitive information (for example, encryption keys) so that if the thief were to then gain access to the integrated circuit, the sensitive information would have already been erased.
- sensitive information for example, encryption keys
- the POS terminal includes a processor integrated circuit, a Static Random Access Memory (SRAM) integrated circuit, and a non-volatile memory integrated circuit.
- the processor and SRAM integrated circuits are covered with an anti-tamper mesh.
- An application program is stored in the nonvolatile memory.
- an operating system executing on the processor transfers the application program from the nonvolatile memory to the SRAM.
- Encryption keys are stored in Read Only Memory (ROM) on the processor integrated circuit. If the processor validates the application program to be a valid image, then the processor executes the application program out of SRAM. Subsequent operation of the POS terminal may use the encryption keys and may temporarily place the encryption keys in the SRAM. Accordingly, upon detection of a tamper condition, the SRAM as well as other volatile storage locations in the processor are quickly erased before a thief can gain access to the sensitive information stored in volatile memory in the processor and SRAM integrated circuits.
- ROM Read Only Memory
- U.S. Pat. No. 6,646,565 describes a POS terminal having a secure case.
- the case includes what is called a security fence module that is sandwiched between two printed circuit boards.
- Each of the printed circuit boards includes a serpentine trace layer so that the assembly of the two printed circuit boards and the security fence module together enclose a secured volume.
- U.S. Pat. No. 7,054,162 describes a security module that includes a substrate and a cover.
- the substrate and cover include inter-digitated serpentine serial conductive paths.
- the serpentine conductive paths essentially surround the volume enclosed between the cover and substrate.
- the grid array of connections at the periphery of abutting cover and substrate have a staggered row or picket fence configuration that prevents intrusion from the side.
- U.S. Patent Application Publication No. 2007/0038865 describes a cap that is adapted to mount to a printed circuit board such that tamper-proof tracks in the cover are linked with tamper-proof tracks in the printed circuit board.
- the tracks in the cap and printed circuit board together form a tamper-proof security shield that protects a chamber.
- U.S. Pat. No. 7,065,656 describes a method of protecting a printed circuit board from tampering by applying flexible plastic polymer layers having embedded trip wires.
- U.S. Patent Application Publication No. 2006/0231633 describes a tamper resistant ceramic multi-chip module (MCM) that includes a ceramic chip carrier and a ceramic cap. Each of the chip carrier and the cap includes what are called security meander lines. Solder balls or solder fillets couple the cap to the chip carrier so as to enclose an internal cavity.
- MCM ceramic multi-chip module
- U.S. Patent Application Publication No. 2006/0087883 describes an anti-tamper module involving a connection layer that connects the module to an external system using a ball-grid array of solder balls.
- a wire mesh encased in epoxy is a protective layer that encases the module.
- U.S. Pat. No. 5,861,662 describes an anti-tamper shield for an integrated circuit.
- the conductors of the shield have a grid pattern and are made of conductive epoxy.
- U.S. Patent Application Publication No. 2007/0018334 describes a cavity-down integrated circuit package that has an embedded security shield.
- a printed circuit board also has an embedded security shield.
- the shield in the package and the shield in the printed circuit board together form a security envelope that shields the integrated circuit of the package from tampering.
- a Package-On-Package (POP) secure module sees use in a Point Of Sale (POS) terminal.
- the POP secure module includes a first ball grid array (BGA) package portion and a second BGA package portion.
- the first BGA package portion includes a substrate member, an array of bond balls that is disposed on a side of a substrate member, and an array of lands that is disposed on the opposite side of the substrate member. Bond balls of the second BGA package portion are fixed to the lands of the first BGA package portion such that the second BGA package portion is piggy-back mounted to the first BGA package portion.
- Embedded in the substrate member of the second BGA package portion is a first anti-tamper security mesh.
- the first anti-tamper security mesh extends laterally in the plane of the substrate member, and also extends vertically in a curtain-like fashion to form a picket fence security mesh structure around the side edges of the module.
- An integrated circuit in the first BGA package portion is coupled to, drives and monitors the first anti-tamper security mesh.
- the integrated circuit is coupled to, drives and monitors a second anti-tamper security mesh.
- the second anti-tamper security mesh is realized in a metal trace layer within the PCB upon which the POP secure module is mounted.
- the second anti-tamper security mesh extends underneath the POP secure module. Accordingly, the planar portion of the first mesh in the substrate member of the second BGA package portion protects against intrusion from above, the picket fence peripheral extension of the first mesh protects against intrusion from the sides, and the second mesh in the underlying PCB protects against intrusion from below.
- the integrated circuit in the first BGA package portion is a specialized integrated circuit that includes tamper detection logic and special circuitry that is specially adapted for use in a point of sale terminal.
- the integrated circuit is produced and sold by an entity (for example, a first semiconductor company) that does not make and sell memory devices for general use.
- the second BGA package portion contains a general purpose memory integrated circuit that is produced and sold by an entity (for example, a second semiconductor company) that does sell discrete memory devices for general use.
- This memory integrated circuit is a type that sees primary use in applications other than in point of sale terminals. Compared to the specialized integrated circuit, the memory integrated circuit is mass produced in larger volumes.
- the memory needed in the secure module is provided by including the discrete memory integrated circuit rather than by providing additional memory on the specialized integrated circuit and making the specialized integrated circuit larger in order to take advantage of the relatively low cost of providing the memory in the form of an integrated circuit that is produced in higher volumes.
- Both the specialized integrated circuit and the mass produced memory integrated circuit are enclosed in a secure volume that is shielded by the first and second anti-tamper security meshes. If a tamper condition is detected, then the contents of the discrete memory integrated circuit are quickly erased as prompted by tamper detection logic in the specialized integrated circuit.
- the secure module involving a separate SRAM integrated circuit in a POP module allows different versions of the module to be realized without having to modify either the design of the specialized integrated circuit or the substrate member of the first BGA package portion.
- An added benefit of the POP package is that a different sized memory or different memory type can be provided in different version of the module without changing the first BGA package portion or its specialized integrated circuit.
- the specialized integrated circuit and the memory integrated circuit are disposed, side by side, in a single cavity-down ball grid array (BGA) package.
- the BGA package includes a substrate member.
- An anti-tamper security mesh is embedded in the substrate member, and the specialized integrated circuit is coupled to, drives and monitors the anti-tamper security mesh.
- the specialized integrated circuit also is coupled to, drives and monitors a second anti-tamper security mesh.
- the second anti-tamper security mesh is realized in a metal trace layer within the PCB upon which the BGA package is mounted. The second anti-tamper security mesh extends underneath the BGA package.
- FIG. 1 is a simplified cross-sectional view of a Package-On-Package (POP) secure module 10 in accordance with a first novel aspect.
- POP Package-On-Package
- FIG. 2 is a perspective view of the POP secure module 10 of FIG. 1 .
- FIG. 3 is a perspective view of the bottom of the POP secure module 10 of FIG. 1 with the encapsulant removed to expose integrated circuit 14 .
- FIG. 4 is a perspective view that illustrates the picket fence extension of the first anti-tamper security mesh.
- FIG. 5 is a simplified cross-sectional diagram showing the POP secure module 10 of FIG. 1 in use in a point of sale (POS) terminal.
- POS point of sale
- FIG. 6 is an expanded view of a part of FIG. 5 .
- FIG. 7 is a circuit diagram that shows how integrated circuit 14 is connected to the first and second anti-tamper security meshes 39 and 50 .
- FIG. 8 is a simplified circuit diagram that illustrates how integrated circuit 14 drives and monitors a conductor of a security mesh.
- FIG. 9 is a simplified circuit diagram that shows another way that integrated circuit 14 can drive and monitor first and second anti-tamper security meshes 39 and 50 .
- FIGS. 10-12 are diagrams of a single cavity-down ball grid array (BGA) package whose substrate member includes an anti-tamper security mesh in accordance with a second novel aspect.
- BGA ball grid array
- FIG. 1 is a simplified cross-sectional diagram of a novel Package-On-Package (POP) secure module 10 .
- POP secure module 10 includes a first Ball Grid Array (BGA) package portion 11 , and a second BGA package portion 12 .
- First BGA package portion 11 includes a substrate member 13 , an integrated circuit die 14 , an array of bond balls, an array of lands, and discrete components 15 and 16 .
- Six of the bond balls 17 - 22 are illustrated in the cross-sectional view.
- Integrated circuit die 14 is connected by wire bonds to substrate member 13 and is encapsulated with a block of encapsulant 23 such as epoxy potting encapsulant. Two of the bond wires 24 and 25 , and four of the lands 26 - 29 are illustrated in the cross-sectional view.
- Second BGA package portion 12 includes a substrate member 30 , an integrated circuit die 31 , and an array of bond balls. Four of the bond balls 32 - 35 are illustrated in the cross-sectional view. Integrated circuit die 31 is connected by wire bonds to substrate member 30 and is encapsulated with block of encapsulant 36 . Two of the bond wires 37 and 38 are illustrated in the cross-sectional view. The bond balls 32 - 35 of second BGA package portion 12 register with and are fixed to corresponding ones of the lands 26 - 29 on the upper surface of the substrate member 13 of the first BGA package portion 11 . The second BGA package portion 12 is therefore piggy-back mounted to the first BGA package portion 11 so that the two BGA package portions together form a secure module.
- the substrate members 13 and 30 are multiple layer printed circuit boards of the type customarily used in the manufacture of BGA packages.
- Substrate member 30 of the second BGA package portion 12 includes a first anti-tamper security mesh 39 of conductors.
- the conductors of mesh 39 are approximately 0.2 millimeters wide and are spaced at approximately 0.2 millimeters from one another.
- the mesh is powered and monitored by tamper control logic (see reference numeral 116 in FIG. 7 ) on integrated circuit die 14 .
- the tamper control logic an integrated circuit die 14 is connected to conductors in mesh 39 via bond balls of the second BGA package portion that are not located on the periphery of substrate member 30 .
- the tamper control logic is coupled to a first conductor (WIRE 0 ) of mesh 39 via a first terminal 40 , bond wire 24 , bond pad 41 , laterally extending conductor 42 , conductive via 43 , land 27 , bond ball 33 , and conductive via 44 .
- the tamper control logic is also coupled to a second conductor (WIRE 1 ) of mesh 39 via a second terminal 45 , bond wire 25 , bond pad 46 , laterally extending conductor 47 , via 48 , land 28 , bond ball 34 , and conductive via 49 .
- the tamper control logic on integrated circuit die 14 also is coupled to, powers and monitors a second anti-tamper security mesh 50 (see FIGS. 5 and 6 ) located in the printed circuit board upon which the module 10 is mounted.
- the tamper control logic on integrated circuit die 14 is connected to the two conductors (WIRE 3 and WIRE 4 ) of second mesh 50 via bond balls of the first BGA package portion 11 . These bond balls are not located at the periphery of substrate member 13 but rather are located toward the inside of first BGA package portion 11 .
- the connections from integrated circuit die 14 to this second mesh are not seen in the simplified cross-section of FIG.
- the tamper control logic is coupled to a first conductor (WIRE 3 ) of the second mesh 50 via a third terminal, a bond wire, an inner bond ball such as bond ball 19 , and a surface mount pad on the printed circuit board and a conductive via that extends down into the printed circuit board to the first conductor in second mesh 50 .
- the tamper control logic is coupled to a second conductor (WIRE 3 ) of the second mesh via a fourth terminal, a bond wire, an inner bond ball such as bond ball 20 , and a surface mount pad on the printed circuit board and a conductive via that extends down into the printed circuit board to the second conductor in second mesh 50 .
- FIG. 2 is a perspective view of the POP security module 10 of FIG. 1 .
- the dashed lines labeled with numeral 39 are not visible from the outside of module 10 , but rather illustrate the plane in which the mesh 39 is disposed within substrate member 30 .
- FIG. 3 is a perspective view of the bottom of module 10 with encapsulant 23 removed to show integrated circuit die 14 and its bond wires.
- FIG. 4 illustrates the form of the peripheral portion of mesh 39 .
- Mesh 39 rather than just existing in a laterally extending plane within substrate member 30 , is also made to cup down around the side edges of POP secure module 10 .
- the two conductors of mesh 39 are made to meander vertically up and down through the bond balls of the first and second BGA package portions 11 and 12 so as to form a picket fence like security structure that surrounds the integrated circuit dice 14 and 31 in the lateral dimension.
- a “picket” here involves a connection from a bond ball of the second BGA package portion 12 , through a land on the upper surface of first BGA package portion 11 , then down through substrate member 13 , and through a bond ball of first BGA package portion 11 such that the two bond balls and the connection between them form a substantially vertical conductive path.
- the arrows drawn with the solid line represent pickets that are parts of the first conductor of mesh 39 .
- the arrows drawn with the dashed line represent pickets that are parts of the second conductor of mesh 39 .
- the picket fence like security structure helps protect against probing of the module from the sides.
- integrated circuit die 14 is a microcontroller-based integrated circuit that includes tamper control circuitry 116 , a specialized boot loader mechanism, a secure memory 123 , a processor 122 , and other specialized circuitry for a point of sale terminal application.
- integrated circuit 14 see: U.S. patent application Ser. No. 10/918,272, entitled “Secure Transaction Microcontroller With Secure Boot Loader”, filed Aug. 13, 2004, by Hsiang et al. (the subject matter of which is incorporated herein by reference).
- the backside of integrated circuit die 14 is thinned by mechanical grinding so that die 14 is approximately six to eight mils thick.
- the bond balls of the first BGA package portion 11 are approximately eighteen mils in diameter.
- the bond balls of the second BGA package portion 12 are approximately twenty one mils in diameter.
- integrated circuit 31 is a mass produced SDRAM die that is manufactured by an entity other than the entity that sells integrated circuit die 14 .
- the maker of the SDRAM makes and sells discrete memory integrated circuits, whereas the maker of integrated circuit die 14 does not.
- the SDRAM component sees many uses other than use in a POS terminal and consequently it is produced in much higher volumes than is the relatively specialized integrated circuit die 14 .
- SDRAM 31 is provided in secure module 10 rather than providing additional memory on integrated circuit die 14 and making die 14 larger in order to take advantage of the relatively low cost of providing the memory in the form of a mass produced integrated circuit.
- FIG. 5 is a cross-sectional diagram of a portion of a point of sale (POS) terminal 100 that includes POP secure module 10 .
- POP secure module 10 a FLASH memory device 101 , a battery 102 , and a smart card reader port 103 are surface mounted to a first side of a printed circuit board 104 .
- a flexible keypad 105 and a tamper detect switch 106 are disposed a second side of the printed circuit board 104 opposite module 10 .
- Each of the keys of keypad 105 has a conductive portion. When the key is pressed, the conductive portion of the key makes contact with and couples together an associated pair of interdigitated contact pads on printed circuit board 104 .
- Integrated circuit die 14 includes key scanning circuitry for detecting which key is pressed.
- the second anti-tamper security mesh 50 is disposed in a metal trace layer within printed circuit board 104 .
- printed circuit board 104 has four metal trace layers.
- the interdigitated contact pads for the keypad are parts of the bottom metal layer.
- Second anti-tamper security mesh 50 is located in the next bottom most metal layer so that it is close to keypad 105 . Providing mesh 50 close to keypad 105 helps prevent a hacker from gaining access to the backside of the keypad and monitoring key presses.
- FIG. 6 shows POS security module 10 and second mesh 50 of FIG. 5 in further detail.
- Mesh 50 is driven and is sensed by integrated circuit die 14 .
- a third terminal 124 (not shown in FIG. 6 , see FIG. 7 ) of integrated circuit die 14 is coupled by a bond wire (not shown) and conductors (not shown) in substrate member 13 to bond ball 19 .
- Bond ball 19 is in turn connected by a surface mount pad and a vertically extending conductive via 107 to the first conductor in second anti-tamper mesh 50 .
- a fourth terminal 125 (not shown in FIG. 6 , see FIG. 7 ) of integrated circuit die 14 is coupled by a bond wire (not shown) and conductors (not shown) in substrate member 13 to bond ball 20 .
- Bond ball 20 is in turn connected by a surface mount pad and a vertically extending conductive via 108 to the second conductor in second anti-tamper mesh 50 .
- FIG. 7 is a simplified circuit diagram that shows how integrated circuit die 14 is coupled to the first and second meshes 39 and 50 .
- First terminal 40 and second terminal 45 are the terminals illustrated in FIG. 1 that are coupled to the first and second conductors 109 and 110 of the first anti-tamper security mesh 39 , respectively.
- mesh 39 is illustrated in FIG. 7 as having a regular serpentine path, the actual paths of conductors 109 and 110 of mesh 39 extend across the plane illustrated with the dashed line in FIG. 1 as well through the picket fence structure illustrated in FIG. 4 .
- Each conductor of mesh 39 is terminated with a termination resistor.
- Termination resistors 111 and 112 are discrete components and are mounted to surface mount pads on the upper surface of substrate member 13 .
- Discrete component 16 of FIG. 1 is resistor 111 .
- Resistor 112 is not seen in the particular cross-section of FIG. 1 .
- Discrete component 15 is a bypass capacitor.
- There are two bond balls used to connect to each of the two conductors of mesh 39 one for connecting a first end of the conductor to the tamper terminal of the integrated circuit, and a second for connecting the second end of the conductor to its corresponding discrete termination resistor.
- the terminals 113 and 114 labeled SWITCH 0 and SWITCH 1 in FIG. 7 are terminals that detect an opening of a tamper switch.
- Switch 106 of FIG. 5 is an example of a tamper switch. Tamper switches are positioned at various places in the POS terminal such that opening the POS terminal enclosure will cause one of more of these switches to open. For example, the top and bottom portions of the plastic enclosure of the POS terminal together may hold one of these switches in the closed position. If the enclosure is opened, then the top and bottom portions will separate and will no longer hold switch 106 in the closed position.
- FIG. 8 is a simplified circuit diagram of circuitry that illustrates how the conductor of the first and second meshes are driven and monitored.
- current source 117 is disabled by tamper detect logic 116 .
- Termination resistor 111 therefore maintains the voltage on terminal 40 at supply potential VDD.
- the comparators 118 and 119 and OR gate 120 together output a TAMPER_DETECT signal if the voltage on terminal 40 is either above a high reference voltage VREF-HI or is below a low reference voltage VREF-LO. Only if the voltage on terminal 40 is between the two reference voltages is the TAMPER_DETECT signal not asserted.
- the tamper detect logic 116 within integrated circuit die 14 checks to confirm that TAMPER_DETECT is asserted.
- the tamper detect logic 116 causes current source 117 to sink a ten microampere pulse of current. If conductor 109 is intact and if conductor 109 is not touching conductor 110 , then the current flow through resistor 111 will be such that the voltage on terminal 40 will be below the high reference voltage VREF-HI and also will be above the low reference voltage VREF-LO.
- the resistance from terminal 40 to supply voltage VDD node 121 is nominally 50 k ohms (will be greater than 20 k ohms and less than 80 k ohms). Accordingly, if there is no tamper condition, then the signal TAMPER-DETECT should not be asserted.
- Tamper detect logic 116 checks to confirm that TAMPER_DETECT is not asserted. Tamper detect logic 116 periodically checks each of the conductors of each of the anti-tamper meshes in this way, checking with the current sources disabled and then with the current sources enabled, to confirm that there has been no tamper condition.
- an application program is stored in FLASH memory 101 .
- Encryption keys usable for communicating with a financial institution are stored in secure read only memory (ROM) within integrated circuit die 14 .
- ROM read only memory
- a secure boot loader mechanism within integrated circuit die 14 reads the application program from FLASH memory 101 .
- the application program includes a header portion that includes an identification word.
- a processor 122 within integrated circuit die 14 checks the identification word in an attempt to validate the application program. If the application program is validated, then processor 122 executes the application program out of SDRAM.
- Integrated circuit die 31 is the SDRAM.
- the encryption keys that are stored in secure memory 123 in integrated circuit die 14 may be used by software and therefore may temporarily be present in SDRAM 31 . Accordingly, upon detection of a tamper condition, integrated circuit die 14 causes SDRAM 31 to be erased and also erases temporary unsecured registers within die 14 that a thief may be able to read after accessing the dice 14 and 31 .
- POS terminal 100 is of such a design that the encryption keys cannot be read out of die 14 following a tamper detect condition. See U.S. patent application Ser. No. 10/918,272 for future details.
- FIG. 9 is a simplified circuit diagram that shows another way that the first and second meshes 39 and 50 can be connected to integrated circuit die 14 .
- first mesh 39 extends laterally through the substrate member of the second BGA package portion 12 and second mesh 50 extends laterally through printed circuit board 104 .
- Meshes 39 and 50 are, however, driven and monitored from only two terminals of integrated circuit 14 .
- First conductor 109 (WIRE 0 ) extends from terminal 40 , through a bond wire, then up through the substrate member of the second BGA package portion, laterally through the substrate member, then back down through a bond ball of the second BGA package portion and to bond ball 19 of the first BGA package portion.
- the conductor continues down into the printed circuit board 104 upon which the secure module 10 is disposed.
- the conductor extends laterally through the mesh layer of the printed circuit board as a part of second mesh 50 , and then extends back up to another bond ball 20 of the first BGA package portion.
- Band ball 20 is connected through the first BGA package portion to discrete resistor 111 .
- the second conductor 110 (WIRE 1 ) is connected in similar fashion.
- the second conductor 110 extends from integrated circuit terminal 45 , through another bond wire, then up through the substrate member of the second BGA package portion, laterally through the substrate member, then back down through a bond ball of the second BGA package portion and to bond ball 18 of the first BGA package portion.
- the conductor continues down into the printed circuit board 104 upon which the secure module 10 is disposed.
- the conductor extends laterally through the mesh layer of the printed circuit board as a part of second mesh 50 , and then extends back up to another bond ball 21 of the first BGA package portion.
- Band ball 21 is connected through the first BGA package portion to discrete resistor 112 .
- the first mesh 39 and the second mesh 50 are therefore not driven and monitored separately from one another, but actually form a single larger anti-tamper mesh structure that extends both over and underneath the integrated circuits within the secure module 10 .
- bond ball 19 can be coupled directly to bond ball 20 by a short trace on printed circuit board 104 or alternatively by a connection on secure module 10 itself. In the same way, bond ball 18 would be coupled directly to bond ball 21 .
- FIG. 10 is a cross-sectional diagram of a secure module 200 in accordance with a second novel aspect.
- Secure module 200 is a cavity-down BGA package.
- the first and second integrated circuits 14 and 31 of the embodiment of FIGS. 1-6 are disposed side by side in this cavity.
- Secure module 200 includes integrated circuit dice 14 and 31 , a substrate member 201 , and an array of bond balls.
- Six bond balls 202 - 207 are illustrated in the cross-sectional diagram of FIG. 7 .
- Substrate member 201 includes an anti-tamper security mesh 208 that is embedded in substrate member 201 .
- anti-tamper security mesh 208 also extends through bond balls of the periphery of module 200 to form a picket fence security mesh structure.
- Integrated circuit die 14 drives mesh 208 and monitors mesh 208 for a tamper detect condition.
- Each of the two conductors of mesh 208 is terminated by a discrete resistor that is surface mounted to substrate member 201 in the cavity along with the integrated circuit dice 14 and 31 .
- Discrete component 209 is one of these resistors.
- Discrete component 210 is a bypass capacitor.
- the circuit operation of FIG. 9 is the same as the circuit operation described above of the embodiment of FIGS. 1-8 .
- integrated circuit die 14 is surface mounted to a printed circuit board as explained in connection with FIG. 12 .
- Integrated circuit die 14 is coupled through inner bonds balls 204 and 205 and conductive vias 211 and 212 to second mesh 50 in the underlying printed circuit board.
- Integrated circuit die 14 drives and monitors anti-tamper mesh 50 as described in connection with the embodiment of FIGS. 1-8 .
- There are two bond balls used to connect to each of the two conductors of second mesh 50 one for connecting a first end of the conductor to the tamper terminal of the integrated circuit, and a second for connecting the second end of the conductor to the discrete termination resistor.
- FIG. 11 is a perspective view of module 200 of FIG. 10 .
- the dashed line illustrates the plane of the first mesh 208 .
- FIG. 12 is a simplified cross-sectional diagram that shows how integrated circuit die 14 is coupled to the two conductors of the second mesh 50 .
- the substrate members of the first and second BGA package portions can be multi-layer ceramic structures.
- the substrate members can be flexible circuit boards made using a polyimide or polyester or other flexible base material.
- Surface mount attachment structures other than bond balls can be used on the first and second BGA package portions.
- the first wire mesh or part of the first wire mesh can be made from strips of conductive encapsulant material within a layer of nonconductive encapsulant material.
- the conductive encapsulant may, for example, be an ordinarily nonconductive epoxy resin material that is made conductive due to a dispersed conductive metal powder.
- the integrated circuit having the tamper control logic that drives and monitors the first mesh 39 can be mounted into the second (upper) BGA package portion as opposed to the first (lower) BGA package portion.
- the discrete components including, for example, the termination resistors can be surface mounted to the second BGA package portion as opposed to, or in addition to, being attached to the first BGA package portion.
- An anti-tamper mesh can be made to extend through the substrate member of the first BGA package portion in addition to the first anti-tamper mesh 39 extending through the substrate member of the second BGA package portion.
- Either of the integrated circuits can be flip-chip mounted rather than being wire bonded to their respective substrate members.
- Either of the integrated circuits can be replaced with a pair of face-to-face die-bonded integrated circuits.
- the single picket fence mesh structure can be expanded to involve a staggered picket fence structure involving more than one peripheral ring of bond balls. Accordingly, various modifications, adaptations, and combinations of various features of the described embodiments can be practiced without departing from the scope of the invention as set forth in the claims.
Landscapes
- Engineering & Computer Science (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Power Engineering (AREA)
- Physics & Mathematics (AREA)
- Condensed Matter Physics & Semiconductors (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Storage Device Security (AREA)
Abstract
Description
- The described embodiments relate to securing electronic components and data from unauthorized access, and more particularly to securing electronic components in Point Of Sale (POS) terminals.
- Purchases are often made using an electronic device called a Point Of Sale (POS) terminal. The POS terminal is typically coupled to a financial institution via an electronic communication link. A customer in a store may, for example, present a debit card, credit card, cash card or smart card to the store's cashier for payment. Consider an example of a transaction with a smart card. The customer presents the smart card to the cashier of the store. The cashier pushes the smart card into a smart card reader port on the POS terminal and the POS terminal reads an account number stored in the smart card. The customer then, for identification purposes, typically enters a Personal Identification Number (PIN) into a keypad device coupled to the POS terminal. The customer may also enter other identification information. The customer may, for example, provide a signature on a signature capture device coupled to the POS terminal.
- The POS terminal then uses an encryption key stored in the POS terminal to encrypt the account number (from the smart card), the identification number (for example, the PIN number), and other information about the transaction such as the amount of the transaction and the date of the transaction. The encrypted information is sent from the POS terminal to the financial institution via a modem or other electronic communication link.
- The financial institution receives the encrypted information and uses an encryption key to decrypt the information and recover the account number, identification information, and information about the transaction. In the case where the transaction is a debit transaction, the bank account of the customer is debited. A confirmation of the transaction is then encrypted using the encryption key and the encrypted confirmation is communicated from the financial institution back to the POS terminal. The POS terminal uses the encryption key stored in the point of sale terminal to decrypt the confirmation. Typically, the confirmation is printed out as part of a transaction receipt and a copy of the receipt is provided to the customer.
- Accordingly, it is seen that sensitive financial and identification information is entered into and passes through the POS terminal. Encryption keys are typically stored in the POS terminal so that the POS terminal can communicate with the financial institution in a secure manner. Moreover, as the POS terminal is used, information about customers is stored in and/or passes through the POS terminal. Such information may include account numbers and their associated PIN numbers.
- Various methods are employed to prevent such sensitive information from falling into the hands of thieves. In one example, the integrated circuits within the POS terminal that contain the sensitive information are surrounded, encased or covered with a fine wire mesh. Certain of the conductors of the mesh are coupled to a first terminal of the integrated circuit, whereas others of the conductors of the mesh are coupled to a second terminal of the integrated. The integrated circuit monitors the first and second terminals. If a thief were to attempt to probe through the mesh to get access to the integrated circuit, then certain of the conductors would likely be cut or pushed together. This condition would be detected by the integrated circuit as a tamper condition. If the integrated circuit were to detect such a tamper condition, then the integrated circuit would quickly erase the sensitive information (for example, encryption keys) so that if the thief were to then gain access to the integrated circuit, the sensitive information would have already been erased.
- In one exemplary prior art POS terminal, the POS terminal includes a processor integrated circuit, a Static Random Access Memory (SRAM) integrated circuit, and a non-volatile memory integrated circuit. The processor and SRAM integrated circuits are covered with an anti-tamper mesh. An application program is stored in the nonvolatile memory. Upon power up, an operating system executing on the processor transfers the application program from the nonvolatile memory to the SRAM. Encryption keys are stored in Read Only Memory (ROM) on the processor integrated circuit. If the processor validates the application program to be a valid image, then the processor executes the application program out of SRAM. Subsequent operation of the POS terminal may use the encryption keys and may temporarily place the encryption keys in the SRAM. Accordingly, upon detection of a tamper condition, the SRAM as well as other volatile storage locations in the processor are quickly erased before a thief can gain access to the sensitive information stored in volatile memory in the processor and SRAM integrated circuits.
- Numerous techniques exist in the prior art for providing a security mesh. For example, U.S. Pat. No. 6,646,565 describes a POS terminal having a secure case. The case includes what is called a security fence module that is sandwiched between two printed circuit boards. Each of the printed circuit boards includes a serpentine trace layer so that the assembly of the two printed circuit boards and the security fence module together enclose a secured volume.
- U.S. Pat. No. 7,054,162 describes a security module that includes a substrate and a cover. The substrate and cover include inter-digitated serpentine serial conductive paths. When the cover and substrate are abutted together through ball grid array interconnects, the serpentine conductive paths essentially surround the volume enclosed between the cover and substrate. The grid array of connections at the periphery of abutting cover and substrate have a staggered row or picket fence configuration that prevents intrusion from the side.
- U.S. Patent Application Publication No. 2007/0038865 describes a cap that is adapted to mount to a printed circuit board such that tamper-proof tracks in the cover are linked with tamper-proof tracks in the printed circuit board. The tracks in the cap and printed circuit board together form a tamper-proof security shield that protects a chamber.
- U.S. Pat. No. 7,065,656 describes a method of protecting a printed circuit board from tampering by applying flexible plastic polymer layers having embedded trip wires.
- U.S. Patent Application Publication No. 2006/0231633 describes a tamper resistant ceramic multi-chip module (MCM) that includes a ceramic chip carrier and a ceramic cap. Each of the chip carrier and the cap includes what are called security meander lines. Solder balls or solder fillets couple the cap to the chip carrier so as to enclose an internal cavity.
- U.S. Patent Application Publication No. 2006/0087883 describes an anti-tamper module involving a connection layer that connects the module to an external system using a ball-grid array of solder balls. In one example, a wire mesh encased in epoxy is a protective layer that encases the module.
- U.S. Pat. No. 5,861,662 describes an anti-tamper shield for an integrated circuit. In one example, the conductors of the shield have a grid pattern and are made of conductive epoxy.
- U.S. Patent Application Publication No. 2007/0018334 describes a cavity-down integrated circuit package that has an embedded security shield. A printed circuit board also has an embedded security shield. When the package is connected to the printed circuit board with ball connectors, the shield in the package and the shield in the printed circuit board together form a security envelope that shields the integrated circuit of the package from tampering.
- Unfortunately, providing a security mesh for a point or sale terminal circuit is typically undesirably expensive and/or is inadequate. An alternative solution is sought.
- A Package-On-Package (POP) secure module sees use in a Point Of Sale (POS) terminal. The POP secure module includes a first ball grid array (BGA) package portion and a second BGA package portion. The first BGA package portion includes a substrate member, an array of bond balls that is disposed on a side of a substrate member, and an array of lands that is disposed on the opposite side of the substrate member. Bond balls of the second BGA package portion are fixed to the lands of the first BGA package portion such that the second BGA package portion is piggy-back mounted to the first BGA package portion. Embedded in the substrate member of the second BGA package portion is a first anti-tamper security mesh. The first anti-tamper security mesh extends laterally in the plane of the substrate member, and also extends vertically in a curtain-like fashion to form a picket fence security mesh structure around the side edges of the module.
- An integrated circuit in the first BGA package portion is coupled to, drives and monitors the first anti-tamper security mesh. When the module is disposed on a Printed Circuit Board (PCB) within a POS terminal, the integrated circuit is coupled to, drives and monitors a second anti-tamper security mesh. The second anti-tamper security mesh is realized in a metal trace layer within the PCB upon which the POP secure module is mounted. The second anti-tamper security mesh extends underneath the POP secure module. Accordingly, the planar portion of the first mesh in the substrate member of the second BGA package portion protects against intrusion from above, the picket fence peripheral extension of the first mesh protects against intrusion from the sides, and the second mesh in the underlying PCB protects against intrusion from below.
- In one example, the integrated circuit in the first BGA package portion is a specialized integrated circuit that includes tamper detection logic and special circuitry that is specially adapted for use in a point of sale terminal. The integrated circuit is produced and sold by an entity (for example, a first semiconductor company) that does not make and sell memory devices for general use. The second BGA package portion contains a general purpose memory integrated circuit that is produced and sold by an entity (for example, a second semiconductor company) that does sell discrete memory devices for general use. This memory integrated circuit is a type that sees primary use in applications other than in point of sale terminals. Compared to the specialized integrated circuit, the memory integrated circuit is mass produced in larger volumes. The memory needed in the secure module is provided by including the discrete memory integrated circuit rather than by providing additional memory on the specialized integrated circuit and making the specialized integrated circuit larger in order to take advantage of the relatively low cost of providing the memory in the form of an integrated circuit that is produced in higher volumes. Both the specialized integrated circuit and the mass produced memory integrated circuit are enclosed in a secure volume that is shielded by the first and second anti-tamper security meshes. If a tamper condition is detected, then the contents of the discrete memory integrated circuit are quickly erased as prompted by tamper detection logic in the specialized integrated circuit.
- The secure module involving a separate SRAM integrated circuit in a POP module allows different versions of the module to be realized without having to modify either the design of the specialized integrated circuit or the substrate member of the first BGA package portion. An added benefit of the POP package is that a different sized memory or different memory type can be provided in different version of the module without changing the first BGA package portion or its specialized integrated circuit.
- In a second novel aspect, the specialized integrated circuit and the memory integrated circuit are disposed, side by side, in a single cavity-down ball grid array (BGA) package. The BGA package includes a substrate member. An anti-tamper security mesh is embedded in the substrate member, and the specialized integrated circuit is coupled to, drives and monitors the anti-tamper security mesh. When the BGA package is disposed on a PCB within a point of sale (POS) terminal, the specialized integrated circuit also is coupled to, drives and monitors a second anti-tamper security mesh. The second anti-tamper security mesh is realized in a metal trace layer within the PCB upon which the BGA package is mounted. The second anti-tamper security mesh extends underneath the BGA package.
- Further details and embodiments are described in the detailed description below. This summary does not purport to define the invention. The invention is defined by the claims.
- The accompanying drawings, where like numerals indicate like components, illustrate embodiments of the invention.
-
FIG. 1 is a simplified cross-sectional view of a Package-On-Package (POP)secure module 10 in accordance with a first novel aspect. -
FIG. 2 is a perspective view of the POPsecure module 10 ofFIG. 1 . -
FIG. 3 is a perspective view of the bottom of the POPsecure module 10 ofFIG. 1 with the encapsulant removed to expose integratedcircuit 14. -
FIG. 4 is a perspective view that illustrates the picket fence extension of the first anti-tamper security mesh. -
FIG. 5 is a simplified cross-sectional diagram showing the POPsecure module 10 ofFIG. 1 in use in a point of sale (POS) terminal. -
FIG. 6 is an expanded view of a part ofFIG. 5 . -
FIG. 7 is a circuit diagram that shows howintegrated circuit 14 is connected to the first and second anti-tamper security meshes 39 and 50. -
FIG. 8 is a simplified circuit diagram that illustrates howintegrated circuit 14 drives and monitors a conductor of a security mesh. -
FIG. 9 is a simplified circuit diagram that shows another way thatintegrated circuit 14 can drive and monitor first and second anti-tamper security meshes 39 and 50. -
FIGS. 10-12 are diagrams of a single cavity-down ball grid array (BGA) package whose substrate member includes an anti-tamper security mesh in accordance with a second novel aspect. -
FIG. 1 is a simplified cross-sectional diagram of a novel Package-On-Package (POP)secure module 10. POPsecure module 10 includes a first Ball Grid Array (BGA)package portion 11, and a secondBGA package portion 12. FirstBGA package portion 11 includes asubstrate member 13, an integrated circuit die 14, an array of bond balls, an array of lands, anddiscrete components substrate member 13 and is encapsulated with a block ofencapsulant 23 such as epoxy potting encapsulant. Two of thebond wires - Second
BGA package portion 12 includes asubstrate member 30, an integrated circuit die 31, and an array of bond balls. Four of the bond balls 32-35 are illustrated in the cross-sectional view. Integrated circuit die 31 is connected by wire bonds tosubstrate member 30 and is encapsulated with block ofencapsulant 36. Two of thebond wires BGA package portion 12 register with and are fixed to corresponding ones of the lands 26-29 on the upper surface of thesubstrate member 13 of the firstBGA package portion 11. The secondBGA package portion 12 is therefore piggy-back mounted to the firstBGA package portion 11 so that the two BGA package portions together form a secure module. - In the illustrated example, the
substrate members Substrate member 30 of the secondBGA package portion 12 includes a firstanti-tamper security mesh 39 of conductors. The conductors ofmesh 39 are approximately 0.2 millimeters wide and are spaced at approximately 0.2 millimeters from one another. As is described in further detail below, the mesh is powered and monitored by tamper control logic (seereference numeral 116 inFIG. 7 ) on integrated circuit die 14. The tamper control logic an integrated circuit die 14 is connected to conductors inmesh 39 via bond balls of the second BGA package portion that are not located on the periphery ofsubstrate member 30. In the illustration ofFIG. 1 , the tamper control logic is coupled to a first conductor (WIRE0) ofmesh 39 via afirst terminal 40,bond wire 24,bond pad 41, laterally extendingconductor 42, conductive via 43,land 27,bond ball 33, and conductive via 44. The tamper control logic is also coupled to a second conductor (WIRE1) ofmesh 39 via asecond terminal 45,bond wire 25,bond pad 46, laterally extendingconductor 47, via 48,land 28,bond ball 34, and conductive via 49. - In addition, when POP
secure module 10 is disposed on a printed circuit board within a point of sale (POS) terminal, the tamper control logic on integrated circuit die 14 also is coupled to, powers and monitors a second anti-tamper security mesh 50 (seeFIGS. 5 and 6 ) located in the printed circuit board upon which themodule 10 is mounted. The tamper control logic on integrated circuit die 14 is connected to the two conductors (WIRE3 and WIRE4) ofsecond mesh 50 via bond balls of the firstBGA package portion 11. These bond balls are not located at the periphery ofsubstrate member 13 but rather are located toward the inside of firstBGA package portion 11. The connections from integrated circuit die 14 to this second mesh are not seen in the simplified cross-section ofFIG. 1 , but the tamper control logic is coupled to a first conductor (WIRE3) of thesecond mesh 50 via a third terminal, a bond wire, an inner bond ball such asbond ball 19, and a surface mount pad on the printed circuit board and a conductive via that extends down into the printed circuit board to the first conductor insecond mesh 50. Similarly, the tamper control logic is coupled to a second conductor (WIRE3) of the second mesh via a fourth terminal, a bond wire, an inner bond ball such asbond ball 20, and a surface mount pad on the printed circuit board and a conductive via that extends down into the printed circuit board to the second conductor insecond mesh 50. -
FIG. 2 is a perspective view of thePOP security module 10 ofFIG. 1 . The dashed lines labeled with numeral 39 are not visible from the outside ofmodule 10, but rather illustrate the plane in which themesh 39 is disposed withinsubstrate member 30. -
FIG. 3 is a perspective view of the bottom ofmodule 10 withencapsulant 23 removed to show integrated circuit die 14 and its bond wires. -
FIG. 4 illustrates the form of the peripheral portion ofmesh 39.Mesh 39, rather than just existing in a laterally extending plane withinsubstrate member 30, is also made to cup down around the side edges of POPsecure module 10. In one example, the two conductors ofmesh 39 are made to meander vertically up and down through the bond balls of the first and secondBGA package portions integrated circuit dice BGA package portion 12, through a land on the upper surface of firstBGA package portion 11, then down throughsubstrate member 13, and through a bond ball of firstBGA package portion 11 such that the two bond balls and the connection between them form a substantially vertical conductive path. InFIG. 4 , the arrows drawn with the solid line represent pickets that are parts of the first conductor ofmesh 39. The arrows drawn with the dashed line represent pickets that are parts of the second conductor ofmesh 39. The picket fence like security structure helps protect against probing of the module from the sides. - In the present example, integrated circuit die 14 is a microcontroller-based integrated circuit that includes
tamper control circuitry 116, a specialized boot loader mechanism, asecure memory 123, aprocessor 122, and other specialized circuitry for a point of sale terminal application. For additional details on integratedcircuit 14 see: U.S. patent application Ser. No. 10/918,272, entitled “Secure Transaction Microcontroller With Secure Boot Loader”, filed Aug. 13, 2004, by Hsiang et al. (the subject matter of which is incorporated herein by reference). The backside of integrated circuit die 14 is thinned by mechanical grinding so that die 14 is approximately six to eight mils thick. The bond balls of the firstBGA package portion 11 are approximately eighteen mils in diameter. The bond balls of the secondBGA package portion 12 are approximately twenty one mils in diameter. - In one example, integrated
circuit 31 is a mass produced SDRAM die that is manufactured by an entity other than the entity that sells integrated circuit die 14. The maker of the SDRAM makes and sells discrete memory integrated circuits, whereas the maker of integrated circuit die 14 does not. The SDRAM component sees many uses other than use in a POS terminal and consequently it is produced in much higher volumes than is the relatively specialized integrated circuit die 14.SDRAM 31 is provided insecure module 10 rather than providing additional memory on integrated circuit die 14 and making die 14 larger in order to take advantage of the relatively low cost of providing the memory in the form of a mass produced integrated circuit. -
FIG. 5 is a cross-sectional diagram of a portion of a point of sale (POS) terminal 100 that includes POPsecure module 10. The plastic enclosure ofPOS terminal 100 is not illustrated. POPsecure module 10, aFLASH memory device 101, abattery 102, and a smartcard reader port 103 are surface mounted to a first side of a printedcircuit board 104. Aflexible keypad 105 and a tamper detectswitch 106 are disposed a second side of the printedcircuit board 104opposite module 10. Each of the keys ofkeypad 105 has a conductive portion. When the key is pressed, the conductive portion of the key makes contact with and couples together an associated pair of interdigitated contact pads on printedcircuit board 104. Integrated circuit die 14 includes key scanning circuitry for detecting which key is pressed. - As illustrated in
FIG. 5 , the secondanti-tamper security mesh 50 is disposed in a metal trace layer within printedcircuit board 104. In the specific example ofFIG. 5 , printedcircuit board 104 has four metal trace layers. The interdigitated contact pads for the keypad are parts of the bottom metal layer. Secondanti-tamper security mesh 50 is located in the next bottom most metal layer so that it is close tokeypad 105. Providingmesh 50 close tokeypad 105 helps prevent a hacker from gaining access to the backside of the keypad and monitoring key presses. -
FIG. 6 showsPOS security module 10 andsecond mesh 50 ofFIG. 5 in further detail.Mesh 50 is driven and is sensed by integrated circuit die 14. A third terminal 124 (not shown inFIG. 6 , seeFIG. 7 ) of integrated circuit die 14 is coupled by a bond wire (not shown) and conductors (not shown) insubstrate member 13 tobond ball 19.Bond ball 19 is in turn connected by a surface mount pad and a vertically extending conductive via 107 to the first conductor in secondanti-tamper mesh 50. A fourth terminal 125 (not shown inFIG. 6 , seeFIG. 7 ) of integrated circuit die 14 is coupled by a bond wire (not shown) and conductors (not shown) insubstrate member 13 tobond ball 20.Bond ball 20 is in turn connected by a surface mount pad and a vertically extending conductive via 108 to the second conductor in secondanti-tamper mesh 50. -
FIG. 7 is a simplified circuit diagram that shows how integrated circuit die 14 is coupled to the first andsecond meshes First terminal 40 andsecond terminal 45 are the terminals illustrated inFIG. 1 that are coupled to the first andsecond conductors anti-tamper security mesh 39, respectively. Althoughmesh 39 is illustrated inFIG. 7 as having a regular serpentine path, the actual paths ofconductors mesh 39 extend across the plane illustrated with the dashed line inFIG. 1 as well through the picket fence structure illustrated inFIG. 4 . Each conductor ofmesh 39 is terminated with a termination resistor. First conductor 109 (WIRE0) is terminated byresistor 111 whereas second conductor 110 (WIRE1) is terminated byresistor 112.Termination resistors substrate member 13.Discrete component 16 ofFIG. 1 isresistor 111.Resistor 112 is not seen in the particular cross-section ofFIG. 1 .Discrete component 15 is a bypass capacitor. There are two bond balls used to connect to each of the two conductors ofmesh 39, one for connecting a first end of the conductor to the tamper terminal of the integrated circuit, and a second for connecting the second end of the conductor to its corresponding discrete termination resistor. - The
terminals FIG. 7 are terminals that detect an opening of a tamper switch. Switch 106 ofFIG. 5 is an example of a tamper switch. Tamper switches are positioned at various places in the POS terminal such that opening the POS terminal enclosure will cause one of more of these switches to open. For example, the top and bottom portions of the plastic enclosure of the POS terminal together may hold one of these switches in the closed position. If the enclosure is opened, then the top and bottom portions will separate and will no longer holdswitch 106 in the closed position. Whenswitch 106 opens, the voltage onterminal 113 will no longer be pulled to ground potential byresistor 115, but rather the voltage onterminal 113 will be pulled high by a resistor internal to integrated circuit die 14. This high voltage is detected bytamper control logic 116 as a tamper condition. -
FIG. 8 is a simplified circuit diagram of circuitry that illustrates how the conductor of the first and second meshes are driven and monitored. Initially,current source 117 is disabled by tamper detectlogic 116.Termination resistor 111 therefore maintains the voltage onterminal 40 at supply potential VDD. Thecomparators OR gate 120 together output a TAMPER_DETECT signal if the voltage onterminal 40 is either above a high reference voltage VREF-HI or is below a low reference voltage VREF-LO. Only if the voltage onterminal 40 is between the two reference voltages is the TAMPER_DETECT signal not asserted. Accordingly, when thecurrent source 117 is disabled, the voltage onterminal 40 is above VREF-HI and the TAMPER_DETECT signal is asserted. The tamper detectlogic 116 within integrated circuit die 14 checks to confirm that TAMPER_DETECT is asserted. - Next, the tamper detect
logic 116 causescurrent source 117 to sink a ten microampere pulse of current. Ifconductor 109 is intact and ifconductor 109 is not touchingconductor 110, then the current flow throughresistor 111 will be such that the voltage onterminal 40 will be below the high reference voltage VREF-HI and also will be above the low reference voltage VREF-LO. The resistance fromterminal 40 to supply voltage VDD node 121 is nominally 50 k ohms (will be greater than 20 k ohms and less than 80 k ohms). Accordingly, if there is no tamper condition, then the signal TAMPER-DETECT should not be asserted. Tamper detectlogic 116 checks to confirm that TAMPER_DETECT is not asserted. Tamper detectlogic 116 periodically checks each of the conductors of each of the anti-tamper meshes in this way, checking with the current sources disabled and then with the current sources enabled, to confirm that there has been no tamper condition. - In the presently described example of
FIG. 5 , an application program is stored inFLASH memory 101. Encryption keys usable for communicating with a financial institution are stored in secure read only memory (ROM) within integrated circuit die 14. On power up, a secure boot loader mechanism within integrated circuit die 14 reads the application program fromFLASH memory 101. The application program includes a header portion that includes an identification word. Aprocessor 122 within integrated circuit die 14 checks the identification word in an attempt to validate the application program. If the application program is validated, thenprocessor 122 executes the application program out of SDRAM. Integrated circuit die 31 is the SDRAM. During operation ofPOS terminal 100, the encryption keys that are stored insecure memory 123 in integrated circuit die 14 may be used by software and therefore may temporarily be present inSDRAM 31. Accordingly, upon detection of a tamper condition, integrated circuit die 14causes SDRAM 31 to be erased and also erases temporary unsecured registers within die 14 that a thief may be able to read after accessing thedice POS terminal 100 is of such a design that the encryption keys cannot be read out of die 14 following a tamper detect condition. See U.S. patent application Ser. No. 10/918,272 for future details. -
FIG. 9 is a simplified circuit diagram that shows another way that the first andsecond meshes first mesh 39 extends laterally through the substrate member of the secondBGA package portion 12 andsecond mesh 50 extends laterally through printedcircuit board 104.Meshes integrated circuit 14. First conductor 109 (WIRE0) extends fromterminal 40, through a bond wire, then up through the substrate member of the second BGA package portion, laterally through the substrate member, then back down through a bond ball of the second BGA package portion and tobond ball 19 of the first BGA package portion. Frombond ball 19, the conductor continues down into the printedcircuit board 104 upon which thesecure module 10 is disposed. The conductor extends laterally through the mesh layer of the printed circuit board as a part ofsecond mesh 50, and then extends back up to anotherbond ball 20 of the first BGA package portion.Band ball 20 is connected through the first BGA package portion todiscrete resistor 111. The second conductor 110 (WIRE1) is connected in similar fashion. Thesecond conductor 110 extends from integratedcircuit terminal 45, through another bond wire, then up through the substrate member of the second BGA package portion, laterally through the substrate member, then back down through a bond ball of the second BGA package portion and tobond ball 18 of the first BGA package portion. Frombond ball 18, the conductor continues down into the printedcircuit board 104 upon which thesecure module 10 is disposed. The conductor extends laterally through the mesh layer of the printed circuit board as a part ofsecond mesh 50, and then extends back up to anotherbond ball 21 of the first BGA package portion.Band ball 21 is connected through the first BGA package portion todiscrete resistor 112. Thefirst mesh 39 and thesecond mesh 50 are therefore not driven and monitored separately from one another, but actually form a single larger anti-tamper mesh structure that extends both over and underneath the integrated circuits within thesecure module 10. If thesecure module 10 is to be used in a configuration withoutsecond mesh 50, thenbond ball 19 can be coupled directly tobond ball 20 by a short trace on printedcircuit board 104 or alternatively by a connection onsecure module 10 itself. In the same way,bond ball 18 would be coupled directly tobond ball 21. -
FIG. 10 is a cross-sectional diagram of asecure module 200 in accordance with a second novel aspect.Secure module 200 is a cavity-down BGA package. The first and secondintegrated circuits FIGS. 1-6 are disposed side by side in this cavity.Secure module 200 includes integratedcircuit dice substrate member 201, and an array of bond balls. Six bond balls 202-207 are illustrated in the cross-sectional diagram ofFIG. 7 .Substrate member 201 includes ananti-tamper security mesh 208 that is embedded insubstrate member 201. In one example,anti-tamper security mesh 208 also extends through bond balls of the periphery ofmodule 200 to form a picket fence security mesh structure. Integrated circuit die 14 drives mesh 208 and monitors mesh 208 for a tamper detect condition. Each of the two conductors ofmesh 208 is terminated by a discrete resistor that is surface mounted tosubstrate member 201 in the cavity along with theintegrated circuit dice Discrete component 209 is one of these resistors.Discrete component 210 is a bypass capacitor. The circuit operation ofFIG. 9 is the same as the circuit operation described above of the embodiment ofFIGS. 1-8 . - In addition, when
secure module 200 is disposed in a POS terminal, integrated circuit die 14 is surface mounted to a printed circuit board as explained in connection withFIG. 12 . Integrated circuit die 14 is coupled throughinner bonds balls conductive vias second mesh 50 in the underlying printed circuit board. Integrated circuit die 14 drives and monitorsanti-tamper mesh 50 as described in connection with the embodiment ofFIGS. 1-8 . There are two bond balls used to connect to each of the two conductors ofsecond mesh 50, one for connecting a first end of the conductor to the tamper terminal of the integrated circuit, and a second for connecting the second end of the conductor to the discrete termination resistor. -
FIG. 11 is a perspective view ofmodule 200 ofFIG. 10 . The dashed line illustrates the plane of thefirst mesh 208. -
FIG. 12 is a simplified cross-sectional diagram that shows how integrated circuit die 14 is coupled to the two conductors of thesecond mesh 50. - Although certain specific embodiments are described above for instructional purposes, the teachings of this patent document have general applicability and are not limited to the specific embodiments described above. The substrate members of the first and second BGA package portions can be multi-layer ceramic structures. The substrate members can be flexible circuit boards made using a polyimide or polyester or other flexible base material. Surface mount attachment structures other than bond balls can be used on the first and second BGA package portions. The first wire mesh or part of the first wire mesh can be made from strips of conductive encapsulant material within a layer of nonconductive encapsulant material. The conductive encapsulant may, for example, be an ordinarily nonconductive epoxy resin material that is made conductive due to a dispersed conductive metal powder. The integrated circuit having the tamper control logic that drives and monitors the
first mesh 39 can be mounted into the second (upper) BGA package portion as opposed to the first (lower) BGA package portion. The discrete components including, for example, the termination resistors can be surface mounted to the second BGA package portion as opposed to, or in addition to, being attached to the first BGA package portion. An anti-tamper mesh can be made to extend through the substrate member of the first BGA package portion in addition to the firstanti-tamper mesh 39 extending through the substrate member of the second BGA package portion. Either of the integrated circuits can be flip-chip mounted rather than being wire bonded to their respective substrate members. Either of the integrated circuits can be replaced with a pair of face-to-face die-bonded integrated circuits. Multiple integrated circuits can be disposed side by side in the cavities of the first and second BGA package portions. The single picket fence mesh structure can be expanded to involve a staggered picket fence structure involving more than one peripheral ring of bond balls. Accordingly, various modifications, adaptations, and combinations of various features of the described embodiments can be practiced without departing from the scope of the invention as set forth in the claims.
Claims (26)
Priority Applications (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/786,871 US7923830B2 (en) | 2007-04-13 | 2007-04-13 | Package-on-package secure module having anti-tamper mesh in the substrate of the upper package |
US11/800,175 US7868441B2 (en) | 2007-04-13 | 2007-05-03 | Package on-package secure module having BGA mesh cap |
EP07836686A EP2013907B1 (en) | 2007-04-13 | 2007-08-10 | Package-on-package secure module having bga mesh cap |
CN2007800525690A CN101904002B (en) | 2007-04-13 | 2007-08-10 | Package-on-package secure module having BGA mesh cap |
DE602007013738T DE602007013738D1 (en) | 2007-04-13 | 2007-08-10 | SAFE PACKAGE ON PACKAGE MODULE WITH A BGA MESH CLOSURE |
KR1020097021329A KR101394177B1 (en) | 2007-04-13 | 2007-08-10 | Package-on-package secure module having bga mesh cap |
JP2010502987A JP5503526B2 (en) | 2007-04-13 | 2007-08-10 | Package-on-package secure module with BGA mesh cap |
PCT/US2007/017755 WO2008127267A1 (en) | 2007-04-13 | 2007-08-10 | Package-on-package secure module having bga mesh cap |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/786,871 US7923830B2 (en) | 2007-04-13 | 2007-04-13 | Package-on-package secure module having anti-tamper mesh in the substrate of the upper package |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/800,175 Continuation-In-Part US7868441B2 (en) | 2007-04-13 | 2007-05-03 | Package on-package secure module having BGA mesh cap |
Publications (2)
Publication Number | Publication Date |
---|---|
US20080251905A1 true US20080251905A1 (en) | 2008-10-16 |
US7923830B2 US7923830B2 (en) | 2011-04-12 |
Family
ID=39852953
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/786,871 Expired - Fee Related US7923830B2 (en) | 2007-04-13 | 2007-04-13 | Package-on-package secure module having anti-tamper mesh in the substrate of the upper package |
Country Status (1)
Country | Link |
---|---|
US (1) | US7923830B2 (en) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080313746A1 (en) * | 2007-06-12 | 2008-12-18 | Itt Manufacturing Enterprises, Inc. | Integrated circuit protection and detection grid |
US20090146267A1 (en) * | 2007-12-05 | 2009-06-11 | Atmel Corporation | Secure connector grid array package |
US20100225380A1 (en) * | 2009-03-03 | 2010-09-09 | International Business Machines Corporation | Implementing Tamper Resistant Integrated Circuit Chips |
US20100259904A1 (en) * | 2009-04-13 | 2010-10-14 | Phytrex Technology Corporation | Signal Conversion Device |
US20110122563A1 (en) * | 2007-01-25 | 2011-05-26 | Verifone, Inc. | Anti-tamper protected enclosure |
ITMI20121085A1 (en) * | 2012-06-20 | 2013-12-21 | Giuseppe Nicola Saponaro | METHOD AND APPARATUS FOR THE MANAGEMENT OF TRANSACTIONS THROUGH CREDIT CARDS OR DEBIT CARDS |
US20140028335A1 (en) * | 2012-07-27 | 2014-01-30 | Johnson Electric S.A. | Security wrap with breakable conductors |
US9754901B1 (en) | 2016-11-21 | 2017-09-05 | Cisco Technology, Inc. | Bulk thinning detector |
TWI621378B (en) * | 2015-07-29 | 2018-04-11 | 乾坤科技股份有限公司 | Electronic module with electromagnetic shielding structure and manufacturing method of same |
US20180241859A1 (en) * | 2017-02-17 | 2018-08-23 | Lg Electronics Inc. | Printed circuit board and mobile terminal mounted the same |
US10810475B1 (en) | 2019-12-20 | 2020-10-20 | Capital One Services, Llc | Systems and methods for overmolding a card to prevent chip fraud |
US10817768B1 (en) | 2019-12-20 | 2020-10-27 | Capital One Services, Llc | Systems and methods for preventing chip fraud by inserts in chip pocket |
US10888940B1 (en) | 2019-12-20 | 2021-01-12 | Capital One Services, Llc | Systems and methods for saw tooth milling to prevent chip fraud |
US10977539B1 (en) | 2019-12-20 | 2021-04-13 | Capital One Services, Llc | Systems and methods for use of capacitive member to prevent chip fraud |
US11049822B1 (en) | 2019-12-20 | 2021-06-29 | Capital One Services, Llc | Systems and methods for the use of fraud prevention fluid to prevent chip fraud |
US20210334414A1 (en) * | 2020-04-22 | 2021-10-28 | Samsung Electronics Co., Ltd. | Storage device and solid state drive device with structure for improving security performance and removing data, method of operating the same, and data center including the same |
US20210358837A1 (en) * | 2018-10-26 | 2021-11-18 | Nagravision S.A. | Protection of wire-bond ball grid array packaged integrated circuit chips |
US11715103B2 (en) | 2020-08-12 | 2023-08-01 | Capital One Services, Llc | Systems and methods for chip-based identity verification and transaction authentication |
WO2024108107A1 (en) * | 2022-11-18 | 2024-05-23 | Jabil Inc. | Apparatus, system, and method for a security operations management module for a payment terminal |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009118013A1 (en) * | 2008-03-27 | 2009-10-01 | Sagem Denmark A/S | A secure keypad system |
US9490196B2 (en) | 2011-10-31 | 2016-11-08 | Intel Corporation | Multi die package having a die and a spacer layer in a recess |
US9456512B2 (en) | 2012-08-31 | 2016-09-27 | Bluebird Inc. | Mobile terminal |
EP2929482B1 (en) * | 2012-12-07 | 2018-05-02 | Cryptera A/S | A security module for protecting circuit components from unauthorized access |
US8896086B1 (en) | 2013-05-30 | 2014-11-25 | Freescale Semiconductor, Inc. | System for preventing tampering with integrated circuit |
DE102013114006A1 (en) * | 2013-12-13 | 2015-06-18 | Endress + Hauser Conducta Gesellschaft für Mess- und Regeltechnik mbH + Co. KG | circuit board |
CN105891651B (en) | 2015-01-16 | 2019-12-10 | 恩智浦美国有限公司 | Low power open circuit detection system |
US10163871B2 (en) * | 2015-10-02 | 2018-12-25 | Qualcomm Incorporated | Integrated device comprising embedded package on package (PoP) device |
US9455233B1 (en) | 2015-12-02 | 2016-09-27 | Freescale Semiconductor, Inc. | System for preventing tampering with integrated circuit |
US10199364B2 (en) | 2016-05-19 | 2019-02-05 | Sanmina Corporation | Non-volatile dual in-line memory module (NVDIMM) multichip package |
US10651135B2 (en) | 2016-06-28 | 2020-05-12 | Marvell Asia Pte, Ltd. | Tamper detection for a chip package |
US10085097B2 (en) | 2016-10-04 | 2018-09-25 | Starkey Laboratories, Inc. | Hearing assistance device incorporating system in package module |
US10306753B1 (en) | 2018-02-22 | 2019-05-28 | International Business Machines Corporation | Enclosure-to-board interface with tamper-detect circuit(s) |
US11122682B2 (en) | 2018-04-04 | 2021-09-14 | International Business Machines Corporation | Tamper-respondent sensors with liquid crystal polymer layers |
US10770410B2 (en) * | 2018-08-03 | 2020-09-08 | Arm Limited | Circuit alteration detection in integrated circuits |
US11436383B2 (en) | 2019-10-29 | 2022-09-06 | Nxp B.V. | Active shielding device and method of active shielding |
US11107778B2 (en) * | 2019-10-29 | 2021-08-31 | Nxp B.V. | Active shielding device and method of active shielding |
US11508667B1 (en) * | 2019-12-17 | 2022-11-22 | Xilinx, Inc. | Embedded shield for protection of memory cells |
US11882645B2 (en) | 2021-10-22 | 2024-01-23 | International Business Machines Corporation | Multi chip hardware security module |
Citations (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5117457A (en) * | 1986-11-05 | 1992-05-26 | International Business Machines Corp. | Tamper resistant packaging for information protection in electronic circuitry |
US5389738A (en) * | 1992-05-04 | 1995-02-14 | Motorola, Inc. | Tamperproof arrangement for an integrated circuit device |
US5783870A (en) * | 1995-03-16 | 1998-07-21 | National Semiconductor Corporation | Method for connecting packages of a stacked ball grid array structure |
US5861662A (en) * | 1997-02-24 | 1999-01-19 | General Instrument Corporation | Anti-tamper bond wire shield for an integrated circuit |
US5956576A (en) * | 1996-09-13 | 1999-09-21 | International Business Machines Corporation | Enhanced protection of semiconductors with dual surface seal |
US6016256A (en) * | 1997-11-14 | 2000-01-18 | The Panda Project | Multi-chip module having interconnect dies |
US20010033012A1 (en) * | 1999-12-30 | 2001-10-25 | Koemmerling Oliver | Anti tamper encapsulation for an integrated circuit |
US20020127771A1 (en) * | 2001-03-12 | 2002-09-12 | Salman Akram | Multiple die package |
US6452283B2 (en) * | 1998-08-18 | 2002-09-17 | Infineon Technologies Ag | Semiconductor chip with surface cover |
US6496119B1 (en) * | 1998-11-05 | 2002-12-17 | Infineon Technologies Ag | Protection circuit for an integrated circuit |
US20030008432A1 (en) * | 1999-05-03 | 2003-01-09 | Andreas Kux | Method and device for securing a multi-dimensionally constructed chip stack and chip configuration |
US20030052399A1 (en) * | 2001-09-20 | 2003-03-20 | Mitsubishi Denki Kabushiki Kaisha | Semiconductor device having semiconductor element packaged on interposer |
US20030122779A1 (en) * | 2001-11-01 | 2003-07-03 | Martin Kenneth M. | Method and apparatus for providing tactile sensations |
US6646565B1 (en) * | 2000-06-01 | 2003-11-11 | Hewlett-Packard Development Company, L.P. | Point of sale (POS) terminal security system |
US6753600B1 (en) * | 2003-01-28 | 2004-06-22 | Thin Film Module, Inc. | Structure of a substrate for a high density semiconductor package |
US20040188135A1 (en) * | 2003-03-31 | 2004-09-30 | International Business Machines Corporation | Method and structure for implementing enhanced interconnection performance of a land grid array (LGA) module and a printed wiring board |
US20050173414A1 (en) * | 2002-06-19 | 2005-08-11 | Takahito Ishii | Flexible ptc heating element and method of manufacturing the heating element |
US20060087883A1 (en) * | 2004-10-08 | 2006-04-27 | Irvine Sensors Corporation | Anti-tamper module |
US20060086534A1 (en) * | 2004-10-25 | 2006-04-27 | International Business Machines Corporation | Method of embedding tamper proof layers and discrete components into printed circuit board stack-up |
US7054162B2 (en) * | 2000-02-14 | 2006-05-30 | Safenet, Inc. | Security module system, apparatus and process |
US7065656B2 (en) * | 2001-07-03 | 2006-06-20 | Hewlett-Packard Development Company, L.P. | Tamper-evident/tamper-resistant electronic components |
US20060170091A1 (en) * | 2002-09-17 | 2006-08-03 | Chippac, Inc. | Semiconductor multi-package module having package stacked over die-down flip chip ball grid array package and having wire bond interconnect between stacked packages |
US20060231938A1 (en) * | 2005-04-18 | 2006-10-19 | Mangrum Marc A | Structure for stacking an integrated circuit on another integrated circuit |
US20060231633A1 (en) * | 2005-04-14 | 2006-10-19 | International Business Machines Corporation | Method and structure for implementing secure multichip modules for encryption applications |
US20060231950A1 (en) * | 2005-04-13 | 2006-10-19 | Samsung Electronics Co., Ltd. | Semiconductor package accomplishing fan-out structure through wire bonding |
US7126829B1 (en) * | 2004-02-09 | 2006-10-24 | Pericom Semiconductor Corp. | Adapter board for stacking Ball-Grid-Array (BGA) chips |
US20070018334A1 (en) * | 2005-07-21 | 2007-01-25 | Alain Peytavy | Security method for data protection |
US20070038865A1 (en) * | 2005-07-27 | 2007-02-15 | International Business Machines Corporation | Tamper-proof caps for large assembly |
-
2007
- 2007-04-13 US US11/786,871 patent/US7923830B2/en not_active Expired - Fee Related
Patent Citations (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5117457A (en) * | 1986-11-05 | 1992-05-26 | International Business Machines Corp. | Tamper resistant packaging for information protection in electronic circuitry |
US5389738A (en) * | 1992-05-04 | 1995-02-14 | Motorola, Inc. | Tamperproof arrangement for an integrated circuit device |
US5783870A (en) * | 1995-03-16 | 1998-07-21 | National Semiconductor Corporation | Method for connecting packages of a stacked ball grid array structure |
US5956576A (en) * | 1996-09-13 | 1999-09-21 | International Business Machines Corporation | Enhanced protection of semiconductors with dual surface seal |
US5861662A (en) * | 1997-02-24 | 1999-01-19 | General Instrument Corporation | Anti-tamper bond wire shield for an integrated circuit |
US6016256A (en) * | 1997-11-14 | 2000-01-18 | The Panda Project | Multi-chip module having interconnect dies |
US6452283B2 (en) * | 1998-08-18 | 2002-09-17 | Infineon Technologies Ag | Semiconductor chip with surface cover |
US6496119B1 (en) * | 1998-11-05 | 2002-12-17 | Infineon Technologies Ag | Protection circuit for an integrated circuit |
US20030008432A1 (en) * | 1999-05-03 | 2003-01-09 | Andreas Kux | Method and device for securing a multi-dimensionally constructed chip stack and chip configuration |
US20010033012A1 (en) * | 1999-12-30 | 2001-10-25 | Koemmerling Oliver | Anti tamper encapsulation for an integrated circuit |
US7054162B2 (en) * | 2000-02-14 | 2006-05-30 | Safenet, Inc. | Security module system, apparatus and process |
US6646565B1 (en) * | 2000-06-01 | 2003-11-11 | Hewlett-Packard Development Company, L.P. | Point of sale (POS) terminal security system |
US20020127771A1 (en) * | 2001-03-12 | 2002-09-12 | Salman Akram | Multiple die package |
US7065656B2 (en) * | 2001-07-03 | 2006-06-20 | Hewlett-Packard Development Company, L.P. | Tamper-evident/tamper-resistant electronic components |
US20030052399A1 (en) * | 2001-09-20 | 2003-03-20 | Mitsubishi Denki Kabushiki Kaisha | Semiconductor device having semiconductor element packaged on interposer |
US20030122779A1 (en) * | 2001-11-01 | 2003-07-03 | Martin Kenneth M. | Method and apparatus for providing tactile sensations |
US20050173414A1 (en) * | 2002-06-19 | 2005-08-11 | Takahito Ishii | Flexible ptc heating element and method of manufacturing the heating element |
US20060170091A1 (en) * | 2002-09-17 | 2006-08-03 | Chippac, Inc. | Semiconductor multi-package module having package stacked over die-down flip chip ball grid array package and having wire bond interconnect between stacked packages |
US6753600B1 (en) * | 2003-01-28 | 2004-06-22 | Thin Film Module, Inc. | Structure of a substrate for a high density semiconductor package |
US20040188135A1 (en) * | 2003-03-31 | 2004-09-30 | International Business Machines Corporation | Method and structure for implementing enhanced interconnection performance of a land grid array (LGA) module and a printed wiring board |
US7126829B1 (en) * | 2004-02-09 | 2006-10-24 | Pericom Semiconductor Corp. | Adapter board for stacking Ball-Grid-Array (BGA) chips |
US20060087883A1 (en) * | 2004-10-08 | 2006-04-27 | Irvine Sensors Corporation | Anti-tamper module |
US20060086534A1 (en) * | 2004-10-25 | 2006-04-27 | International Business Machines Corporation | Method of embedding tamper proof layers and discrete components into printed circuit board stack-up |
US20060231950A1 (en) * | 2005-04-13 | 2006-10-19 | Samsung Electronics Co., Ltd. | Semiconductor package accomplishing fan-out structure through wire bonding |
US20060231633A1 (en) * | 2005-04-14 | 2006-10-19 | International Business Machines Corporation | Method and structure for implementing secure multichip modules for encryption applications |
US20060231938A1 (en) * | 2005-04-18 | 2006-10-19 | Mangrum Marc A | Structure for stacking an integrated circuit on another integrated circuit |
US20070018334A1 (en) * | 2005-07-21 | 2007-01-25 | Alain Peytavy | Security method for data protection |
US20070038865A1 (en) * | 2005-07-27 | 2007-02-15 | International Business Machines Corporation | Tamper-proof caps for large assembly |
Cited By (34)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110122563A1 (en) * | 2007-01-25 | 2011-05-26 | Verifone, Inc. | Anti-tamper protected enclosure |
US7723998B2 (en) * | 2007-06-12 | 2010-05-25 | Itt Manufacturing Enterprises, Inc. | Integrated circuit protection and detection grid |
US20080313746A1 (en) * | 2007-06-12 | 2008-12-18 | Itt Manufacturing Enterprises, Inc. | Integrated circuit protection and detection grid |
US20090146267A1 (en) * | 2007-12-05 | 2009-06-11 | Atmel Corporation | Secure connector grid array package |
US7812428B2 (en) * | 2007-12-05 | 2010-10-12 | Atmel Rousset S.A.S. | Secure connector grid array package |
US20100225380A1 (en) * | 2009-03-03 | 2010-09-09 | International Business Machines Corporation | Implementing Tamper Resistant Integrated Circuit Chips |
US8089285B2 (en) * | 2009-03-03 | 2012-01-03 | International Business Machines Corporation | Implementing tamper resistant integrated circuit chips |
US20100259904A1 (en) * | 2009-04-13 | 2010-10-14 | Phytrex Technology Corporation | Signal Conversion Device |
US8422238B2 (en) * | 2009-04-13 | 2013-04-16 | Phytrex Technology Corporation | Signal conversion device |
ITMI20121085A1 (en) * | 2012-06-20 | 2013-12-21 | Giuseppe Nicola Saponaro | METHOD AND APPARATUS FOR THE MANAGEMENT OF TRANSACTIONS THROUGH CREDIT CARDS OR DEBIT CARDS |
WO2013190502A1 (en) * | 2012-06-20 | 2013-12-27 | Jusp S.P.A. | Method and apparatus for managing transactions through credit or debit cards |
US20140028335A1 (en) * | 2012-07-27 | 2014-01-30 | Johnson Electric S.A. | Security wrap with breakable conductors |
US9576450B2 (en) * | 2012-07-27 | 2017-02-21 | Johnson Electric S.A. | Security wrap with breakable conductors |
US10531558B2 (en) | 2015-07-29 | 2020-01-07 | Cyntec Co., Ltd. | Electronic module having electromagnetic shielding structure and manufacturing method thereof |
TWI621378B (en) * | 2015-07-29 | 2018-04-11 | 乾坤科技股份有限公司 | Electronic module with electromagnetic shielding structure and manufacturing method of same |
US9754901B1 (en) | 2016-11-21 | 2017-09-05 | Cisco Technology, Inc. | Bulk thinning detector |
US20180241859A1 (en) * | 2017-02-17 | 2018-08-23 | Lg Electronics Inc. | Printed circuit board and mobile terminal mounted the same |
US20210358837A1 (en) * | 2018-10-26 | 2021-11-18 | Nagravision S.A. | Protection of wire-bond ball grid array packaged integrated circuit chips |
US11288560B2 (en) | 2019-12-20 | 2022-03-29 | Capital One Services, Llc | Systems and methods for overmolding a card to prevent chip fraud |
US11694056B2 (en) | 2019-12-20 | 2023-07-04 | Capital One Services, Llc | Systems and methods for preventing chip fraud by inserts in chip pocket |
US10977539B1 (en) | 2019-12-20 | 2021-04-13 | Capital One Services, Llc | Systems and methods for use of capacitive member to prevent chip fraud |
US11049822B1 (en) | 2019-12-20 | 2021-06-29 | Capital One Services, Llc | Systems and methods for the use of fraud prevention fluid to prevent chip fraud |
US11989607B2 (en) | 2019-12-20 | 2024-05-21 | Capital One Services, Llc | Systems and methods for use of capacitive member to prevent chip fraud |
US10817768B1 (en) | 2019-12-20 | 2020-10-27 | Capital One Services, Llc | Systems and methods for preventing chip fraud by inserts in chip pocket |
US10810475B1 (en) | 2019-12-20 | 2020-10-20 | Capital One Services, Llc | Systems and methods for overmolding a card to prevent chip fraud |
US11361208B2 (en) | 2019-12-20 | 2022-06-14 | Capital One Services, Llc | Systems and methods for preventing chip fraud by inserts in chip pocket |
US11403503B2 (en) | 2019-12-20 | 2022-08-02 | Capital One Services, Llc | Systems and methods for use of capacitive member to prevent chip fraud |
US11682635B2 (en) | 2019-12-20 | 2023-06-20 | Capital One Services, Llc | Systems and methods for the use of fraud prevention fluid to prevent chip fraud |
US10888940B1 (en) | 2019-12-20 | 2021-01-12 | Capital One Services, Llc | Systems and methods for saw tooth milling to prevent chip fraud |
US11699058B2 (en) | 2019-12-20 | 2023-07-11 | Capital One Services, Llc | Systems and methods for overmolding a card to prevent chip fraud |
US11701725B2 (en) | 2019-12-20 | 2023-07-18 | Capital One Services, Llc | Systems and methods for saw tooth milling to prevent chip fraud |
US20210334414A1 (en) * | 2020-04-22 | 2021-10-28 | Samsung Electronics Co., Ltd. | Storage device and solid state drive device with structure for improving security performance and removing data, method of operating the same, and data center including the same |
US11715103B2 (en) | 2020-08-12 | 2023-08-01 | Capital One Services, Llc | Systems and methods for chip-based identity verification and transaction authentication |
WO2024108107A1 (en) * | 2022-11-18 | 2024-05-23 | Jabil Inc. | Apparatus, system, and method for a security operations management module for a payment terminal |
Also Published As
Publication number | Publication date |
---|---|
US7923830B2 (en) | 2011-04-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7923830B2 (en) | Package-on-package secure module having anti-tamper mesh in the substrate of the upper package | |
US7868441B2 (en) | Package on-package secure module having BGA mesh cap | |
JP3717937B2 (en) | Package with multiple semiconductor dies | |
US8890298B2 (en) | Embedded package security tamper mesh | |
US8198142B1 (en) | General purpose ball grid array security cap | |
US7615416B1 (en) | Secure package with anti-tamper peripheral guard ring | |
US7791898B2 (en) | Security apparatus | |
US7402442B2 (en) | Physically highly secure multi-chip assembly | |
US7656630B2 (en) | Active protection device for protecting circuit against mechanical and electromagnetic attack | |
KR19980071653A (en) | Anti-tamper device | |
US8581251B2 (en) | Device for protecting an electronic integrated circuit housing against physical or chemical ingression | |
US9620462B2 (en) | Integrated circuit package having surface-mount blocking elements | |
WO2007018761A2 (en) | Security method for data protection | |
KR20020011361A (en) | Integrated Circuit Card and Circuit Board Suitable For Use in the IC Card | |
US20130206843A1 (en) | Integrated circuit package | |
JPH10255013A (en) | Information recording card |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: ZILOG, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:POPE, STEVEN M.;ZETA, RUBEN C.;REEL/FRAME:019245/0834 Effective date: 20070412 |
|
AS | Assignment |
Owner name: MAXIM INTEGRATED PRODUCTS, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ZILOG, INC.;ZILOG INTERNATIONAL, LTD.;REEL/FRAME:022892/0099 Effective date: 20090218 Owner name: MAXIM INTEGRATED PRODUCTS, INC.,CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ZILOG, INC.;ZILOG INTERNATIONAL, LTD.;REEL/FRAME:022892/0099 Effective date: 20090218 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FEPP | Fee payment procedure |
Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
LAPS | Lapse for failure to pay maintenance fees |
Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
FP | Lapsed due to failure to pay maintenance fee |
Effective date: 20190412 |